Wireless adoption in the enterprise, widely seen as a productivity booster, continues to be hampered by security concerns, according to speakers and users in Palm Desert, Calif., at Computerworld’s Mobile & Wireless World conference.
“I’m constantly getting hacked,” said Majid Zahedi, an applications specialist at Forty-Niner Shops Inc., which provides bookstore and food services at California State University in Long Beach, Calif. He was referring to server statistics that show constant probes launched against his network.
The company has some remote users who need wireless access, but securing the network is “my main concern right now,” Zahedi said. It’s especially unnerving, he said, to “see the kids with their [mobile] computers trying to sniff out our information” with Wi-Fi sniffers.
Zahedi said security is so worrisome that he’s recommending to the company’s board of directors that they remove all wireless networks.
While other companies may not be ready to give up on wireless because of security just yet, such concerns are the main impediment to widespread wireless adoption, according to 46 per cent of attendees who voted in an instant poll during the conference.
Lynn Carson, a PC support manager at International Sematech in Austin, Tex., said his company within the past five months provided complete wireless access to its headquarters building. But the project was delayed by security considerations.
“Security was the big detriment to rolling that out,” he said. “It kept us from moving faster on the project.”
Scott Richards, vice-president of product management at Senforce Technologies Inc. in Orem, Utah, said during a panel discussion that companies have long had to deal with “a balancing act between productivity and security,” and that has been magnified with the spread of mobility devices. Companies used to have a safe network perimeter protected by firewalls and the like, he said, but now they must secure each device that extends beyond that perimeter.
“Data is flowing through the air, and there are some security issues with that,” Richards said.
Those issues sometimes become all too real. Panel member Marty Menard, an executive at Intel Corp., mentioned during the discussion that someone once “snooped” the e-mail of 10 to 12 vice-presidents in an Intel facility in Ore. The hole has been patched, he quickly noted.
Lost and stolen mobile devices are another security problem. Though losing a device may be rare, “there are concerns there,” Richards said.
Like it or not, he said, most companies must address these security concerns. Through “viral deployment” — unauthorized devices being brought in by users — or officially sanctioned efforts, “you do have mobility,” he said. Richards said he found it interesting that he could visit companies ostensibly avoiding wireless technology, only to fire up his laptop and find several Wi-Fi access points on-site.
That proves companies need a security policy, Richards said. But “it’s only good if you enforce it,” he added.
That view was echoed by speaker Gary Bullock, a network solutions project manager at Allstate Insurance Co. He said Wi-Fi has introduced the need to enforce existing security procedures. “Someone broadcasting their C drive to the world at Starbucks is a big concern for us,” he said. So if the company says it requires a strong password protection program, for example, “we have to use it.”
A compelling case for mobile/wireless ROI benefits might help companies more fully embrace mobile/wireless technology, but hard numbers remain elusive.
“ROI is a big concern,” said Ronald Klemm, senior manager of MIS at Medco Health Solutions Inc., a pharmacy benefits management company in Las Vegas. “It’s really hard to justify” implementing wireless technology, he said. Although employees can work more efficiently and faster when wireless access is available, freeing them up for other duties, “how do you put a ROI on that?”
Others agreed. Dave Garrett, vice-president and CIO of Baptist Health Care in Pensacola, Fla., spoke about the ROI of his company’s mobility initiative, which provided wireless service to physicians via PDAs. “It’s softer, but it’s real,” he said of the project’s ROI. Physicians who use the service are happy with it, so they want to do more business with the company.
He also expressed confidence that the company would see its market share increase because of the project. “We just know that our physicians like it and are talking about it,” Garrett said.
Richard Stone, wireless and mobility solutions manager at Hewlett-Packard Co., said “there’s always an unpredictable ROI that just comes out of nowhere” with a wireless installation, even if people at first think it’s just an easier way to connect to the network. For example, he said, wireless LANs let managers know not only who users are, but also where they are, so the company can provide services to them based on those two factors.
Dan Taylor, managing director of Mobile Enterprise Alliance Inc., a nonprofit consortium of vendors and enterprise users, acknowledged the lack of solid ROI numbers. Many ROI models are “analytical assertions,” he said, and proving mobile/wireless ROI is hampered by “no empirical data.”
As a result, Taylor said his organization is calling on the industry to “develop robust ROI methodologies to launch mobile and wireless investments to support organization objectives.”
Those methodologies might be too late for users such as Zahedi, who wants his company to abandon wireless networks because of security concerns. Wireless technology may be worth a lot, he said, but “if I can save my system and data, it’s worth everything.”